<?php
/**
 * Author Yulin
 * Email  dwzhanglong@126.com
 * Date   2017-7-21
 * Func   设置密保问题
 */
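// Abort unless the including script has defined IN_YuLin; this blocks direct
// requests to this file.
defined('IN_YuLin') || exit('NO PERMIT!');

// Page metadata read by the template layer.
$seo['title'] = '大众彩票-密保问题';
$pageTitle    = '设置密保问题';
$navTag       = 'member';
$page         = 'member/setquestion';

// UserLogin() is defined elsewhere; presumably it enforces an authenticated
// session and provides $_user / $_uid. TODO confirm it stops anonymous requests.
UserLogin();
$userInfo     = $_user;

if (IS_POST) {
    $operation = NoBadStr($_POST['operation']);
    switch ($operation) {
        case 'setquestion':
            $userTable = Table('user');

            // Verify the safe (secondary) password before changing recovery data.
            // The original used a loose `!=`, which compares numeric-looking strings
            // numerically ("1e1" == "10", "0e1" == "0e2"), so a different value could
            // be accepted. hash_equals() (PHP >= 5.6) compares byte-for-byte in
            // constant time; non-string input is rejected outright.
            // NOTE(review): the submitted value is compared directly with the stored
            // one, which suggests safepwd is stored unhashed. If so, migrate it to
            // password_hash()/password_verify().
            // NOTE(review): an empty submission still matches an empty stored
            // safepwd, as it did before. Confirm that is intended.
            $safepwd = NoBadStr($_POST['safepwd']);
            if (!is_string($safepwd) || !hash_equals((string) $userInfo['safepwd'], $safepwd)) {
                $error = '安全密码错误';
                break;
            }

            // NOTE(review): these fields are read from $_REQUEST, so they can also
            // arrive via the query string (and cookies, depending on request_order)
            // although this branch only runs for POST. Prefer $_POST once the form is
            // confirmed to send them in the body.
            $quesData = array(
                'question1' => NoBadStr($_REQUEST['question1']),
                'answer1'   => NoBadStr($_REQUEST['answer1']),
                'question2' => NoBadStr($_REQUEST['question2']),
                'answer2'   => NoBadStr($_REQUEST['answer2']),
                'question3' => NoBadStr($_REQUEST['question3']),
                'answer3'   => NoBadStr($_REQUEST['answer3']),
            );

            // Stored as a PHP-serialized array. The format is kept unchanged because
            // readers of safe_question are outside this file.
            // NOTE(review): answers are stored in clear text. They act as password
            // equivalents, so consider storing a hash of each normalised answer.
            $questionStr = serialize($quesData);

            // $_uid is forced to an integer so it cannot alter the WHERE clause.
            // NOTE(review): addslashes() is not aware of the connection character set
            // and is not a reliable SQL escape, notably with multi-byte charsets such
            // as GBK. Use a bound parameter or the driver's quoting if $db offers one.
            $setQuestionSql = 'UPDATE ' . $userTable
                . ' SET safe_question = "' . addslashes($questionStr) . '"'
                . ' WHERE id = ' . (int) $_uid;
            $flag = $db->exec($setQuestionSql);

            // NOTE(review): if exec() returns the affected-row count, re-saving
            // identical values yields 0 and is reported as a failure. Confirm.
            if ($flag) {
                $redirect = U('member/index');
                header('Location:' . $redirect);
                // Stop here: the original fell through and rendered the form page
                // into the body of the redirect response.
                exit;
            } else {
                $error = '操作失败';
            }
            break;
    }
    // Re-render the form; $error is set by the branches above for the template.
    $tpl->display($page);
    die();
}

// Non-POST request: show the empty form.
$tpl->display($page);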